The Heartbleed Security researchers have discovered a serious vulnerability in OpenSSL, the cryptographic software library that encrypts and protects many web sites data. The Heartbleed bug – so called because it exploits a failure in an extension called heartbeat – not only lets attackers read the confidential encrypted data; it also allows them to take the encryption keys used to secure the data. That means that even servers which fix the bug, using a patch supplied by OpenSSL, must also update all their keys or risk remaining vulnerable. What it […]